Get a Pentest and security assessment of your IT network.

Cyber Security

Jira Server and Service Desk Fix Critical Security Bugs

Atlassian releases updates for Jira Service Desk and Jira Data Center to fix a critical-severity security bug that can be exploited by anyone with access to a vulnerable customer portal. The bug is a URL path traversal leading to information disclosure and is now tracked as CVE-2019-14994. The vulnerability is connected to a previous vulnerability disclosed by researcher Orange Tsai to Uber in 2018, which permitted access to the company’s internal server by adding “..;”” to the URL path parameter. The company recommends adding the rule below to the “”URLwrite”” section of “”[jira-installation-directory]/atlassian-jira”””

Source: https://www.bleepingcomputer.com/news/security/jira-server-and-service-desk-fix-critical-security-bugs/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation